Real-World Examples
This page provides complete, production-ready configuration examples for common deployment scenarios.
E-Commerce Platform
A global e-commerce company with multiple environments and strong isolation requirements.
Requirements
- 5 accounts (dev, staging, production, analytics, backup)
- Multi-region production (4 regions)
- AWS primary, Azure for backup
- 6 subnet types per AZ
Configuration
{ "baseCidr": "10.0.0.0/8", "prefixLengths": { "account": 16, "region": 20, "az": 22 }, "accounts": [ { "name": "ecommerce-development", "clouds": { "aws": { "regions": ["us-east-1", "us-west-2"] } } }, { "name": "ecommerce-staging", "clouds": { "aws": { "regions": ["us-east-1", "us-west-2"] } } }, { "name": "ecommerce-production", "clouds": { "aws": { "regions": ["us-east-1", "us-west-2", "eu-west-1", "ap-southeast-1"] } } }, { "name": "ecommerce-analytics", "clouds": { "aws": { "regions": ["us-east-1", "eu-west-1"] } } }, { "name": "ecommerce-backup", "clouds": { "azure": { "regions": ["eastus", "westeurope"] } } } ], "subnetTypes": { "WebTier": 24, "ServiceTier": 24, "DataTier": 25, "PublicALB": 26, "Cache": 27, "Management": 28 }}Resulting Allocation
| Account | Regions | AZs | Subnets | Total IPs |
|---|---|---|---|---|
| ecommerce-development | 2 | 6 | 36 | ~4,000 |
| ecommerce-staging | 2 | 6 | 36 | ~4,000 |
| ecommerce-production | 4 | 12 | 72 | ~8,000 |
| ecommerce-analytics | 2 | 6 | 36 | ~4,000 |
| ecommerce-backup | 2 | 6 | 36 | ~4,000 |
Financial Services
A financial institution with stringent compliance requirements and multi-cloud strategy.
Requirements
- Complete isolation between business units
- Multi-layer security zones
- Audit-ready subnet naming
- AWS, Azure, and GCP
Configuration
{ "baseCidr": "10.0.0.0/8", "prefixLengths": { "account": 16, "region": 19, "az": 22 }, "accounts": [ { "name": "finance-shared-services", "clouds": { "aws": { "baseCidr": "10.0.0.0/16", "regions": ["us-east-1", "us-west-2", "eu-west-1", "ap-southeast-1"] } } }, { "name": "finance-retail-banking", "clouds": { "aws": { "baseCidr": "10.1.0.0/16", "regions": ["us-east-1", "us-west-2", "eu-west-1"] } } }, { "name": "finance-investment", "clouds": { "aws": { "baseCidr": "10.2.0.0/16", "regions": ["us-east-1", "us-west-2"] } } }, { "name": "finance-insurance", "clouds": { "azure": { "baseCidr": "10.16.0.0/16", "regions": ["eastus", "westeurope"] } } }, { "name": "finance-analytics", "clouds": { "gcp": { "baseCidr": "10.32.0.0/16", "regions": ["us-central1", "europe-west1"] } } } ], "subnetTypes": { "Application": 23, "DMZ": 24, "Presentation": 24, "Data": 25, "HighSecurity": 26, "Audit": 27, "Management": 28 }}Security Architecture
DMZ (Public) ↓Presentation Tier (WAF, Load Balancers) ↓Application Tier (Business Logic) ↓Data Tier (Databases, Caches) ↓High Security (HSM, Key Management)SaaS Multi-Tenant
A SaaS provider with tiered tenant isolation.
Requirements
- Shared infrastructure account
- Tenant tiers with different isolation levels
- Development environment
- Single cloud (AWS) with global presence
Configuration
{ "baseCidr": "10.0.0.0/8", "prefixLengths": { "account": 16, "region": 20, "az": 22 }, "accounts": [ { "name": "saas-infrastructure", "clouds": { "aws": { "baseCidr": "10.0.0.0/12", "regions": ["us-east-1", "us-west-2", "eu-west-1", "ap-southeast-1"] } } }, { "name": "saas-tenant-enterprise", "clouds": { "aws": { "regions": ["us-east-1", "eu-west-1", "ap-southeast-1"] } } }, { "name": "saas-tenant-business", "clouds": { "aws": { "regions": ["us-east-1", "us-west-2"] } } }, { "name": "saas-tenant-starter", "clouds": { "aws": { "regions": ["us-east-1"] } } }, { "name": "saas-development", "clouds": { "aws": { "regions": ["us-east-1"] } } } ], "subnetTypes": { "AppTier": 23, "EdgeServices": 24, "APITier": 24, "DataTier": 24, "SharedServices": 25, "Management": 27 }}Tenant Isolation Model
| Tier | Regions | Isolation | Use Case |
|---|---|---|---|
| Enterprise | 3 | Dedicated VPCs | Large customers, compliance needs |
| Business | 2 | Shared VPC, separate subnets | Mid-market customers |
| Starter | 1 | Shared subnets | Small customers, cost-sensitive |
Startup Scaling
A fast-growing startup expanding from single to multi-region.
Requirements
- Start with minimal infrastructure
- Plan for 10x growth
- Single cloud initially
- Easy to add regions later
Configuration
{ "baseCidr": "10.0.0.0/16", "prefixLengths": { "account": 16, "region": 19, "az": 21 }, "accounts": [ { "name": "production", "clouds": { "aws": { "regions": ["us-west-2", "us-east-1", "eu-west-1", "ap-southeast-1"] } } } ], "subnetTypes": { "Application": 22, "Public": 24, "Database": 25, "Cache": 26, "Management": 27 }}Growth Path
Phase 1: us-west-2 only (current) ↓Phase 2: Add us-east-1 (US expansion) ↓Phase 3: Add eu-west-1 (GDPR compliance) ↓Phase 4: Add ap-southeast-1 (APAC expansion)Hybrid Cloud
An organization with on-premises infrastructure connecting to cloud.
Requirements
- Reserve space for on-premises (10.32.0.0/11)
- AWS primary cloud
- Azure secondary cloud
- No overlaps with existing on-prem ranges
Configuration
{ "baseCidr": "10.0.0.0/8", "accounts": [ { "name": "cloud-primary", "clouds": { "aws": { "baseCidr": "10.0.0.0/12", "regions": ["us-east-1", "us-west-2", "eu-west-1"] } } }, { "name": "cloud-dr", "clouds": { "azure": { "baseCidr": "10.16.0.0/12", "regions": ["eastus", "westeurope"] } } } ], "subnetTypes": { "Private": 23, "Public": 24, "Data": 25, "Management": 27, "Transit": 28 }}Address Space Allocation
| Range | Assignment |
|---|---|
10.0.0.0/12 | AWS (cloud-primary) |
10.16.0.0/12 | Azure (cloud-dr) |
10.32.0.0/11 | On-premises (reserved) |
10.64.0.0/10 | Future expansion |
Mergers & Acquisitions
A parent company integrating acquired companies.
Requirements
- Parent company has established infrastructure
- Each acquisition gets dedicated space
- Reserved space for future acquisitions
- Migration subnets for transitions
Configuration
{ "baseCidr": "10.0.0.0/8", "prefixLengths": { "account": 16, "region": 20, "az": 22 }, "accounts": [ { "name": "parent-company", "clouds": { "aws": { "baseCidr": "10.0.0.0/12", "regions": ["us-east-1", "us-west-2", "eu-west-1", "ap-southeast-1"] }, "azure": { "baseCidr": "10.16.0.0/12", "regions": ["eastus", "westeurope", "southeastasia"] } } }, { "name": "acquisition-alpha", "clouds": { "aws": { "baseCidr": "10.32.0.0/16", "regions": ["us-east-1", "eu-west-1"] } } }, { "name": "acquisition-beta", "clouds": { "azure": { "baseCidr": "10.33.0.0/16", "regions": ["eastus", "westeurope"] } } }, { "name": "future-acquisitions", "clouds": { "aws": { "baseCidr": "10.34.0.0/14", "regions": [] } } } ], "subnetTypes": { "AppTier": 23, "Public": 24, "DataTier": 24, "Migration": 24, "SharedServices": 25, "Management": 26 }}Integration Strategy
- Allocate dedicated space for each acquisition
- Set up transit connectivity using Migration subnets
- Gradually migrate services to parent infrastructure
- Reclaim address space after migration complete
Download Examples
All example configurations are available in the examples directory on GitHub.
# Clone and try an examplegit clone https://github.com/gangster/subnetter.gitcd subnetter/examplessubnetter generate -c kubernetes-config.json -o k8s-allocations.csvNext Steps
- Best Practices - Design patterns and strategies
- Configuration Reference - Complete schema documentation
- Kubernetes Network Design - Specialized K8s guide